Steffen quickly landed on Illumio Core as the superior solution. “The ability to segment at the host level and enforce policy with native OS firewalls solved the problem in an elegant way,” he explained.
Speed and ease have been defining facets of the team’s micro-segmentation experience from the start. Their move from proof of concept to production went smoothly and swiftly, with no impact on business operations.
“From a technical point of view, policy creation is where most of the work usually lies. But this is extremely simple with Illumio’s testing and automation capabilities.”
With Illumio policies in place, Frankfurter Volksbank has maintained ISO 2700x compliance requirements for segmentation. They have also addressed BAIT and MaRisk specifications, from environmental separation (isolating development, test, and production) to ringfencing applications.
Illumio Core’s Illumination real-time application dependency map has been invaluable to the team and auditors alike. The map helped them fulfill the BAIT requirement for “an up-to-date overview of the components of the defined information network” and provides an application-centric view of their environment. It is an easy way for auditors to see connectivity and enforced policies, eliminating piles of Word documents to prove compliance.
They’ve taken full advantage of the power of the map by adding Illumio’s vulnerability map offering, which ingests vulnerability scan results to provide insights into their most vulnerable workloads and pathways attackers may exploit.
“With Illumio, we have made a significant leap to maximize security and minimize the risk of operational disruptions,” said Steffen.